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DETAILED ACTION 
Response to Arguments 

1 . Applicant's arguments, see remarks, filed 25 September 2006, with respect to 
the rejection(s) of claim(s) 1-22, 25-31, and 34-39 under 35 U.S.C. have been fully 
considered and are persuasive. Therefore, the rejection has been withdrawn. 
However, upon further consideration, a new ground(s) of rejection is made in view of 
newly found prior art reference(s). 

2. The applicant argued in substance the independent claims 1, 10, 18, and 27. 
However, the newly cited prior art teach these limitations. See below rejections. 

Claim Rejections - 35 USC § 102 

3. The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that 
form the basis for the rejections under this section made in this Office action: 

A person shall be entitled to a patent unless - 

(b) the invention was patented or described in a printed publication in this or a foreign country or in public 
use or on sale in this country, more than one year prior to the date of application for patent in the United 
States. 

4. Claims 1 and 10 are rejected under 35 U.S.C. 102(b) as being anticipated by 
Crichton et al. (2002/0031126). 

5. As per claim 1 , Crichton et al. teaches a method in a router having at least one 
outbound interface fll 72), the method comprising: establishing, on the outbound 
interface, a plurality of Internet Protocol (IP)-based secure connections with respective 
destinations based on receiving encrypted packets generated by a cryptographic 
module fl| 40-41), each encrypted packet successively output from the cryptographic 
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module having a corresponding successively-unique sequence number fl] 50 and % 74); 
controlling supply of data packets to the cryptographic module by: (1) assigning, for 
each secure connection, a corresponding queuing module fl] 43 and ^ 68) (2) 
reordering, in each queuing module, a corresponding group of the data packets 
associated with the corresponding secure connection according to a determined quality 
of service policy fl] 56 and 62) and based on a corresponding assigned maximum 
output bandwidth for the corresponding queuing module ft] 51), and (3) outputting to the 
cryptographic module the group of data packets, from each corresponding queuing 
module according to the corresponding assigned maximum output bandwidth, for 
generation of the encrypted packets fl] 5); and second outputting the encrypted packets 
from the cryptographic module to the one outbound interface for transport via their 
associated secure connections (H 3). 

6. As per claim 10, Crichton et al. teaches a router comprising: a cryptographic 
module configured for successively outputting encrypted packets having respective 
successively-unique sequence numbers fl| 50 and H 74); an outbound interface 
configured for establishing a plurality of Internet Protocol (IP)-based secure connections 
with respective destinations based on receiving respective streams of the encrypted 
packets (H 40-41); a queue controller configured for controlling supply of data packets to 
the cryptographic module, the queue controller configured for assigning, for each secure 
connection, a corresponding queuing module fl] 43 and ^ 68), each queuing module 
configured for: (I) outputting to the cryptographic module a corresponding group of the 
data packets associated with the corresponding secure connection fl| 5), and according 
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to a corresponding assigned maximum output bandwidth for the corresponding queuing 
module, for generation of the corresponding stream of the encrypted packets (fl 51), 
and (2) reordering the corresponding group of the data packets according to a 
determined quality of service policy and the corresponding assigned maximum output 
bandwidth fl| 56 and 62). 



Claim Rejections - 35 USC § 103 

7. The text of those sections of Title 35, U.S. Code not included in this action can 
be found in a prior Office action. 

8. Claims 2-9 are rejected under 35 U.S.C. 103(a) as being unpatentable over 
Crichton et al. as applied to claim 1 above, and further in view of Young et al. 
(2003/0093563). 

9. As per claim 2, Crichton et al. teach the mentioned limitations of claim 1 above 
but fail to teach a method, wherein the reordering step includes, in each queuing 
module, reordering the corresponding group of the data packets according to the 
determined quality of service policy in response to detection of a congestion condition in 
the outbound interface. However, Young et al. teaches a method, wherein the 
reordering step includes, in each queuing module, reordering the corresponding group 
of the data packets according to the determined quality of service policy in response to 
detection of a congestion condition in the outbound interface (see Young et al., H 9). It 
would have been obvious to one having ordinary skill in the art at the time of the 
invention to modify Crichton et al. to a method, wherein the reordering step includes, in 
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each queuing module, reordering the corresponding group of the data packets 
according to the determined quality of service policy in response to detection of a 
congestion condition in the outbound interface in order to implement a complete 
customer premise solution that enables secure, reliable and manageable delivery of 
voice, video and data services over common IP connections (see Young et al., U 2). 

10. As per claims 3-9, the above-mentioned motivation of claim 2 applies fully in 
order to combine Crichton et al. and Young et al. 

11. As per claim 3, Crichton et al.-Young et al. teach a method, wherein the 
reordering step includes, in each queuing module: establishing a plurality of queues 
having respective identified priorities (see Young et al., paragraph 0051); storing each 
data packet associated with the corresponding secure connection in one of the queues 
based on a corresponding identified priority for said each data packet (see Young et al., 
paragraph 0019); and selectively outputting the stored data packets from the queues, 
according to the corresponding quality of service policy (see Young et al., paragraph 
0009). 

12. As per claim 4, Crichton et al.-Young et al. teach a method, wherein: the 
establishing step includes establishing, on each of a plurality of the outbound interfaces 
(see Young et al., paragraph 0080), a corresponding plurality of the secure corrections 
with a corresponding plurality of respective destinations based on receiving a 
corresponding stream of encrypted packets from the cryptographic module (see Young 
et al., paragraph 0082); the controlling step includes controlling the supply of data 
packets, for each outbound interface, from the cryptographic module based on 



Application/Control Number: 10/759,182 Page 6 

Art Unit: 2141 

repeating the assigning, reordering, and outputting steps for each of the secure 
connections (see Young et al., paragraph 0150); the second outputting step including 
outputting each encrypted packet to a corresponding one of the outbound interfaces 
according to a routing decision executed by the router (see Young et al., paragraph 
0098). 

13. As per claim 5, Crichton et al.-Young et al. teach a method, wherein the second 
outputting step includes outputting the encrypted packets for transport via their 
associated secure connections according to IP Security (IPSEC) protocol (see Young et 
al., paragraph 0123). 

14. As per claim 6, Crichton et al.-Young et al. teach a method, wherein the 
determined quality of service policy implements a guaranteed quality of service for. one 
of a video stream and an audio stream (see Young et al., paragraph 0053). 

15. As per claim 7, Crichton et al.-Young et al. teach a method, wherein the audio 
stream is a Voice over IP media stream (see Young et al., paragraph 0053). 

16. As per claim 8, Crichton et al.-Young et al. teach a method, wherein the 
controlling step further includes obtaining, for each queuing module, the corresponding 
assigned maximum output bandwidth from a configuration register (see Young et al., 
paragraph 0051). 

17. As per claim 9, Crichton et al.-Young et al. teach a method, wherein the 
controlling step further includes negotiating, for at least one queuing module, the 
corresponding assigned maximum output bandwidth with the corresponding destination 
(see Young et al., paragraphs 0085-0087). 
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18. Claim 36 is rejected under 35 U.S.C. 103(a) as being unpatentable over Crichton 
et al. as applied to claim 1 above, and further in view of Haney (7,111,163). Crichton et 
al. teach the mentioned limitations of claim 1 above but fail to teach a method, wherein 
each secure connection is a corresponding encrypted tunnel. However, Haney teaches 
a method, wherein each secure connection is a corresponding encrypted tunnel (see 
Haney, col. 8, lines 10-44). It would have been obvious to one having ordinary skill in 
the art at the time of the invention to modify Crichton et al. to a method, wherein each 
secure connection is a corresponding encrypted tunnel in order to solve the quality of 
service problem by providing non-blocking bandwidth (bandwidth that will always be 
available and will always be sufficient) and predefining routes for the "private tunnel" 
paths between points on the internet between ISX facilities (see Haney, col. 4, line 62- 
col. 5, line 6). 

19. Claims 11-22, 25-31, 34-35, and 37-39 have similar limitations as to claims 1-10 
and 36; therefore, they are being rejected under the same rationale. 

Conclusion 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Ranodhi Serrao whose telephone number is (571) 272- 
7967. The examiner can normally be reached on 8:00-4:30pm, M-F. 
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If attempts to reach the examiner by telephone are unsuccessful, the examinees 
supervisor, Rupal Dharia can be reached on (571) 272-3880. The fax phone number 
for the organization where this application or proceeding is assigned is 571-273-8300. 

Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free). 




